Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Telepresence_e20_software | Cisco | * | te4.1.1-cucm (including) |
Telepresence_e20_software | Cisco | te2.2 (including) | te2.2 (including) |
Telepresence_e20_software | Cisco | te2.2.1 (including) | te2.2.1 (including) |
Telepresence_e20_software | Cisco | te4.0.0 (including) | te4.0.0 (including) |
Telepresence_e20_software | Cisco | te4.1.0 (including) | te4.1.0 (including) |
Telepresence_e20_software | Cisco | te4.1.1 (including) | te4.1.1 (including) |
Telepresence_e20_software | Cisco | tenc4.0.0 (including) | tenc4.0.0 (including) |
Telepresence_e20_software | Cisco | tenc4.1.0 (including) | tenc4.1.0 (including) |
Telepresence_e20_software | Cisco | tenc4.1.1 (including) | tenc4.1.1 (including) |
Telepresence_e20_software | Cisco | tenc4.1.1-cucm (including) | tenc4.1.1-cucm (including) |